Bybit Receives 50K+ ETH from Binance and Bitget, Signaling Strong Market Confidence

Binance and Bitget sent over 50,000 ETH to Bybit after a $1.46B hack linked to Lazarus Group. Bybit reassured users of stability and is securing bridge loans for recovery.

Zagham Abbas
February 22, 2025
12:13 pm

Zagham Abbas

Zagham is a renowned crypto journalist known for his insightful analysis and in-depth reporting on the cryptocurrency industry.

Binance and Bitget transferred over 50,000 ETH to Bybit to stabilize the exchange after a $1.46B hack.
The attack, linked to North Korea’s Lazarus Group, targeted a compromised Ethereum cold wallet.
Bybit reassured users of financial stability and is securing bridge loans for recovery.

Binance and Bitget have rushed to Bybit’s rescue after a catastrophic security breach. The attack, attributed to the notorious North Korea-linked Lazarus Group, resulted in the theft of a staggering 401,346 ETH valued at approximately $1.46 billion from Bybit’s reserves.

Blockchain data reveals that Binance and Bitget rapidly moved more than 50,000 ETH directly into Bybit’s cold wallets in an evident bid to shore up the besieged exchange. The transfers skipped usual deposit addresses, indicating a concerted effort to bolster Bybit’s liquidity and avert market panic.

Binance and Bitget just deposited 50k+ ETH directly into Bybit's cold wallets. Bitget's deposits are especially interesting; its 1/4 of all of the exchange's ETH! (that I can see)

Since they skipped a deposit address, these funds were coordinated directly by Bybit themselves pic.twitter.com/yimpcYpLx7
— Conor (@jconorgrogan) February 21, 2025

Of the emergency funds, Bitget alone contributed 39,999 ETH—half of its excess Ethereum reserves, per its Proof-of-Reserve disclosure as of Jan. 9. The sizable transfer underscores the scope of the breach and how quickly Bybit’s industry peers acted to contain further fallout.

Bybit CEO Confirms Massive Ethereum Hack

Bybit CEO Ben Zhou confirmed that the exploit was a consequence of an Ethereum cold wallet hack, compromised through a hijacked multi-signature transaction. While Zhou did not disclose information on how the breach was conducted, security professionals believe that the attack bore the hallmarks of the Lazarus Group’s past cyber attacks.

Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago. It appears that this specific transaction was musked, all the signers saw the musked UI which showed the correct address and the URL was from @safe . However the signing message was to change…
— Ben Zhou (@benbybit) February 21, 2025

Despite the enormous loss, Zhou assured users that Bybit remains financially solvent. The exchange is currently in talks with strategic partners to secure bridge loans, further shoring up its ability to cover user assets.

Famous blockchain detective ZachXBT has blamed the attack on Lazarus Group, a cybercrime gang operating under the aegis of North Korea. The gang has earned a reputation for carrying out some of the most daring crypto robberies ever, including the high-profile $625 million Ronin Network hack in 2022, which targeted Axie Infinity.

BREAKING: BYBIT $1 BILLION HACK BOUNTY SOLVED BY ZACHXBT

At 19:09 UTC today, @zachxbt submitted definitive proof that this attack on Bybit was performed by the LAZARUS GROUP.

His submission included a detailed analysis of test transactions and connected wallets used ahead of… https://t.co/O43qD2CM2U pic.twitter.com/jtQPtXl0C5
— Arkham (@arkham) February 21, 2025

Lazarus Group’s modus operandi typically involves advanced phishing campaigns, supply chain attacks, and vulnerabilities in exchange security protocols. The group’s involvement in the Bybit breach further underscores the growing sophistication of state-sponsored cyber threats in crypto.

Bybit Hack Sparks Crypto Security Fears

The Bybit hack has reignited security fears surrounding exchanges, particularly with increased attacks targeting centralized platforms. As Bybit battles to regain footing following the hack, the crypto space is closely watching how regulatory bodies and industry players respond.

This latest high-profile heist also highlights the need for robust security controls, active threat monitoring, and cross-industry collaboration to combat cybercrime. While Lazarus Group tirelessly persists in pursuing crypto funds to fund North Korea’s regime, exchanges must remain on high alert and continue to strengthen defenses against ever-emerging threats.

For now, Bybit’s future hinges on the success of its recovery efforts and the ongoing intervention of big industry players who step in to bring stability to an ever-volatile market.